I’ve attended a number of conferences over the last few months, and the start of a new year also brings a raft of different vendors predicting the top threats for the year ahead. Whilst these are all valid, and more than likely to come true, there seems to be an underlying theme.

The majority of attacks still start with some kind of fraudulent email, with the aim of tricking the recipient into visiting a site to input credentials or download malicious content.

Now generally speaking, the emails themselves have matured – they appear more convincing, the language used is more business-like and the use of logos adds to the “authenticity”. The added use of artificial intelligence is also contributing to these improvements.   

So, what can we do? We need to go back to basics – but there is not necessarily a one-size-fits-all solution for everyone.

The protections available to a micro or small business will be different to those available to a large enterprise, and they will also vary with the organisation’s maturity level. But if we start with something as simple as implementing the controls set out in Cyber Essentials, this will prevent the majority of commodity-based internet attacks from having a devastating effect on our organisations.

Taking a high-level approach, we recommend implementing the following:  

Firewalls and routers – ensure you have adequate protection at your network perimeter. Make sure your firewall policies are effective and only allow network traffic required for your business. This ensures only secure and necessary network services can be accessed from the internet.

Malware protection – ensure all your devices have suitable malware protection installed and that this is kept up to date on a regular basis. This prevents known malware and untrusted software from causing damage or accessing your data. 

Security update management – patching your software to the latest version will prevent cyber attackers attempting to exploit known vulnerabilities and gain access to your information assets.  

Secure configuration – ensure your devices have any unused functionality removed; this includes the removal of unused accounts and software. This will ensure that only the services required are enabled for use.

User access control – ensure that all the user accounts on your network operate on the principle of “least privilege.” This means that your users only have enough permissions to carry out the duties they are assigned.

How these controls are implemented will of course vary, but help is available. The National Cyber Security Centre (NCSC) has Cyber Advisors who can provide suitable support to businesses looking to implement the Cyber Essentials controls. The Cyber Advisor’s role is to look at how best to integrate the necessary controls to protect the organisation in a manner sympathetic to its size and operational model.

As both an NCSC Assured Cyber Advisor and a Certification Body for Cyber Essentials, our team has worked with a variety of organisations to offer reliable and appropriate advice to help implement the necessary controls. If you want to find out more, please get in touch.

Author

Sarah Knowles

Sarah is a Co-Founder of Shift Key Cyber. She has over 30 years’ experience in information and cyber security. She is a Cyber Advisor and Assessor for the Cyber Essentials Scheme, ISO 27001 Lead Auditor, and a Chartered Cyber Security Professional specialising in Audit and Assurance.
